99% of game testers quit before they find a real game
just like gambling!!
Lemme fix this: “99% of game testers get scammed before they find a real game”
In Uni for game development, I actually had to find people to test my game, as a basic QA unit. They told us not to use friends. So basically, either we dox ourselves to strangers to prove to them that it's linked to an actual university, or we somehow convince strangers to run an EXE from a stranger. These skids have made it impossible for actual students to find strangers to test their projects.
"not to use friends" How the hell do they enforce that
@d9zirable they didn't really, funnily enough, the feedback was to be anonymized in the report so we could have made the entire thing up and not run user testing at all. We didn't know that ahead of time, though.
@@JordanIdk Why didn't you just build for Web?
This can be run... but my home-made sound volume control panel is nuked by my anti-virus for suspicious activity. WTF
I think he disable antivirus in the vid
It's not detected by AV currently.
@@EricParker But how is it not detected by AV, when it does the things it does?
I wrote a script to control system volume. System volume.. and my AV freaked out :S
Wouldn't that be because the binary is too small?
@@EnjoyCocaColaLight cmon AVs freak out by a print hello world sometimes
This scam all started to spread on Discord, and it was most predominately Lumma Stealers, but now this is a beginning of a new strain called Hexon, a game of cat and mouse that will never...ever end.
Here's a great idea: every discord user is a script kiddie. Don't run random shit they send you.
@@jacobsan Scammers know I never fall for their junk so they never target me 🤪
@@jacobsan more sad if they instead of just stealing your friends' accounts impersonate them for a while before sending anything. seen that happen once
@@jacobsan not "every single" discord user is a script kiddie i see that word get thrown around a lot and it's hilarious
@@Whatisaboolean yeah, I meant assume unknown users are script kiddies
name: "unreal game"
desciption: "Made in Unity Engine"
blatant
I find it funny that this has finally been covered. I was sent a version of this back in May, and it went under the name Lamenta. I actually had a conversation with the attacker as it was targeted towards Discord token logging. So it is nice to see that you got your hands on it. The version I was sent and analysed back then had practically no obfuscation.
Why are random words capitalized in the title?
capitalism>communism
I'd assume it's to Attract Viewers as Certain Keywords stand out More
@@Passkool thanks for the demonstration
I do that too. It's so the reader is drawn toward the words that are most important.
@@abyssguardian Lol same
thank you for covering this! i only got as far as trying to analyse the extremely obfuscated js file. very cool to see a full analysis.
funny thing: the "game" both says it's an unreal and a unity game. lol
Man i love your content i have a few questions do you reinstall Windows on a pc over and over or you use virtualization and if yes then how to correctly isolate it from leaking into host and which software you use
He does use a virtual machine with VirtualBox. The main thing to be safe is to not use shared folders.
it's QEMU / KVM. I previously used vmware
If possible it is recommended to get a dedicated hardware for virtualization specially if you want to test malicious software. So that you don't worry about it leaking into the host anymore
@@EricParker nice man why did you switch
I once was playing a booth game in roblox, there was someone saying "pls test my game", i was telling everyone to be careful, when i got to that person and i started announcing it may be malware, he blacklisted me from the booth, and became angry at me, many people did fall for that probably, never test games from questionable persons.
roblox games are 100% safe, unless its a fake login game - if your account gets stolen by one of these you deserve it
@@truestbluu But there were games that can get you banned so I wouldn’t say 100% safe
@@sandwich-plays yeah but it CANT be malware that's literally impossible
It was external games. Via discord
A while ago I encountered a stealer that similarly used a nullsoft installer and then electron under the hood, but it was a lot less sophisticated. Interesting to see how things evolve over time
Why does it try to kill Epic Games Launcher ?
because it can, i guess
i was messing around with something and i decided to make it close all discord editions and all browsers as well as other random stuff like notepad
or it could be force quit so they can steal login info or something
idk
They must REALLY hate Fortnite lmao
Great video as always!
"...if it just relied on the user being dumb and actually running it repeatedly"
and that user was me. That was about 2 years ago, I still remember I used to click it 5 times assuming that I had made a mistake while installing it. The dumb part is since the first time it was opened it immediately opened CMD but I still didn't realize it lol. But after the "5" times, I immediately reinstalled windows and changed all my account passwords especially discord. I should be safe right?
Excellent review
Agreed
you didn't even watch it
This screams bot but i cant pinpoint exactly why
@@feefre well i am not a bot but maybe cuz i play everything 3x speed (you can do it manually and set it to more than 2) i have a lotta vids watched quickly yk
@@Mat-e6s Not you, but the OP
i have the copy of GTA69 you must play now!
omg yes please!!!!!!!!!!
We got gta69 before gta6
I was reached out by my former client who I worked for before with this exact malware. I guess you just can't trust anyone
they hijack accounts & spread the malware on their accounts. hes probably a victim
@@mihikii It was a personalized message.
He also tried to message my other contacts manually through my hijacked account (no one fell for it)
And then he demanded ransom from his same account afterwards.
@@m.a.t.a.s It's likely they read through the message history to make up something more convincing
@@somenameidk5278 I mean the request itself made sense in the context but it wasn't related to the message history
can they get your data just by clicking on the hyperlink to these fake game downloads or does it actually have to be downloaded, thank you Eric love your content bro, this is happening on discord everywhere now
you didn't mention that the game was, in fact, a unity game made in js copyrighted by unreal game inc.
hey eric, what about running viruses on the windows sandbox? is that safe at all? just curious
Do you have a tutorial for making a realistic VM?
I like this type of videos
is this the activation key? 4:00 xD
Yeah I get these a lot, always troll them a bit, and eventually say some really unnice things, as I dislike scammers :D
what
nice vid
How did you make this game use your proxy?
Wait, when did you start this type of stuff?
I got ratted today
7:14 undertale reference
Can I appeal a ban from your discord server?
1:51 that's a bot
OMG UNDERTALE REFERENCE!!
what is wrong with the title "oppurtunities"
youre a gamer
"But nobody came" no, NO Eric don't even summon that cesspool
What’s so bad about Undertale???
No way undertable reference??????&?&????!!?
@@thecodingpro11, well... Its community. I know what I'm talking about, I've been there for almost 6 years before leaving.
skibidi
@@HorizonC2 who asked? Like seriously tell me one person who asked. Tell me what was the purpose of you writing this. What did you want to accomplish. Like seriously shut the fuck up.
real
sigma fortnite pomni digital chamba
retard